Threat Monitor
Troj.Exploit.JS.MSIE.A
| Aliase: | |
|---|---|
| Pattern: | 201102131330 |
| Threat Typ | Verbreitung | Betroffene Systeme | Gefährlichkeit |
|---|---|---|---|
|
|
|
|
The Microsoft WMI Administrative Tools ActiveX control (WBEMSingleView.ocx) is prone to a remote code execution vulnerability.
The vulnerability is due to the "AddContextRef()" and "ReleaseContext()" methods in the WMI Object Viewer Control (WBEM.SingleViewCtrl.1) with the CLSID:2745E5F5-D234-11D0-847A-00C04FD7BB08 using a value passed in the "lCtxHandle" parameter as an object pointer. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to execute code or cause the victim's browser to crash.
Affected: Microsoft WMITOOLS 1.1
Microsoft WMI Object Viewer ActiveX Control 1.x
The vulnerability is due to the "AddContextRef()" and "ReleaseContext()" methods in the WMI Object Viewer Control (WBEM.SingleViewCtrl.1) with the CLSID:2745E5F5-D234-11D0-847A-00C04FD7BB08 using a value passed in the "lCtxHandle" parameter as an object pointer. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to execute code or cause the victim's browser to crash.
Affected: Microsoft WMITOOLS 1.1
Microsoft WMI Object Viewer ActiveX Control 1.x
